# -*- coding:utf-8 -*-
# @Time: 2020/7/15 14:00
# @Author: liupengfei
# @File: rbac.py
import re

from django.http import HttpResponse
from django.shortcuts import render
from django.utils.deprecation import MiddlewareMixin
from django.conf import settings


class RbacMiddleware(MiddlewareMixin):
    def process_request(self, request):
        # process_request 请求的时候，从上往下执行如果return HttpResponse的对象，直接返回了。如果return None 继续往下走
        # 当前访问的URL
        current_url = request.path_info
        print(request.method)
        return HttpResponse('无权限访问,请联系管理员。')
        # 循环白名单
        # for valid in settings.PERMISSION_VALID_URL:
        #     if re.match(valid, current_url):
        #         return None
        #
        # # 当前用户的所有权限
        # permission_dict = request.session.get(settings.PERMISSION_DICT_SESSION_KEY)
        # print("permission_dict:", permission_dict)
        # if not permission_dict:
        #     # return HttpResponse('当前用户无权限信息')
        #     return HttpResponse('当前用户未登录！')
        #
        # # 用户权限和当前URL进行匹配
        # flag = False
        # for item in permission_dict.values():
        #
        #     urls = item['urls']
        #     codes = item['codes']
        #     for rex in urls:
        #         reg = settings.REX_FORMAT % (rex,)
        #         print(rex, current_url)
        #         if re.match(reg, current_url):
        #             flag = True
        #             request.permission_codes = codes
        #             break
        #     if flag:
        #         break
        #
        # if not flag:
        #     # return HttpResponse('无权限访问,请联系管理员。')
        #     return render(request, "")

    # def process_response(self,request,response):

    # process_response ,从下往上执行必须 return HttpResponse的对象
